AI-powered code review for GitHub and GitLab. Catches real bugs, leaked secrets, and risky changes on every pull request.
Install the GitHub App, open a PR, and let MicroReview handle the rest.
One-click install from GitHub Marketplace. Pick your repos. Sensible defaults work out of the box.
MicroReview runs 30+ rules, 13 secret patterns, and AI bug detection on every changed file. Takes seconds.
Get a risk score, AI walkthrough, inline fixes, and clear merge decisions. Critical issues block. Clean PRs auto-approve.
Real comments from a real PR. AI explains why it matters and suggests the exact fix.
AI_BUG_DETECTION — Division by getItems().size() computes the average price, not the total. This will undercharge every customer.
A single summary comment with walkthrough, risk score, findings table, and AI advisory notes. Your team's first stop on every review.
PaymentService with charge and refund methodsOrderController to call payment service on checkoutapplication-dev.properties with API credentials██████████████▁▁▁▁▁▁ 72%
| Rule | New | Existing | Severity |
|---|---|---|---|
| SECRET_DETECTION | 3 | 0 | Critical |
| HARDCODED_URL | 2 | 0 | Warning |
| REQUEST_BODY_MISSING_VALID | 1 | 0 | Critical |
| AI_BUG_DETECTION | 2 | 0 | Warning |
| TS_CONSOLE_LOG | 1 | 0 | Warning |
@Valid on request body allows malformed payment requests to reach the Stripe API.GPT-4.1-mini analyzes every diff for logic bugs, type mismatches, null pointer risks, and race conditions.
13 patterns catch API keys, passwords, AWS credentials, Stripe keys, GitHub tokens, private keys, and more.
Every PR gets a single risk number. Low? Auto-approve. High? Mandatory senior review. No more guessing.
AI-generated summary of what the PR does, which areas changed, and why it might be risky.
Critical issues trigger REQUEST_CHANGES and block the merge. Configurable severity thresholds per repo.
Define regex rules in .microreview.yml to ban APIs, enforce naming, or catch domain-specific patterns.
Check runs, inline annotations, and pass/fail status. Integrates with branch protection rules.
/microreview recheck to rerun, ignore to suppress, help for docs. Control from the PR.
Full platform abstraction. Same rules, same AI, same experience on both platforms. Bitbucket coming soon.
Every PR gets a 0–100 score based on findings, severity, and what code was touched. Enables instant triage without reading every diff.
| Feature | MicroReview | CodeRabbit | GitHub Copilot |
|---|---|---|---|
| AI Bug Detection | ✓ | ✓ | ✓ |
| Secret Detection (13 patterns) | ✓ | Partial | ✗ |
| Risk Score (0–100) | ✓ | ✗ | ✗ |
| Merge Blocking | ✓ | ✗ | ✗ |
| PR Walkthrough + Summary | ✓ | ✓ | Partial |
| Custom Regex Rules | ✓ | ✓ | ✗ |
| GitLab Support | ✓ | ✓ | ✗ |
| GitHub Checks API | ✓ | ✗ | ✗ |
| Price / seat / month | $5 | $12 | $19 |
No credit card required. Install in 30 seconds.
Install MicroReview in 30 seconds. Free forever for small projects.
SECRET_DETECTION — Stripe live secret key detected in source code. This key grants full access to your Stripe account.
If merged, anyone with repo access can make charges, issue refunds, or exfiltrate customer payment data.
+ @Value("${stripe.api.key}") String apiKey;